linux/arch
Radim Krčmář ae9ba37c04 KVM: nVMX: postpone VMCS changes on MSR_IA32_APICBASE write
commit dccbfcf52c upstream.

If vmcs12 does not intercept APIC_BASE writes, then KVM will handle the
write with vmcs02 as the current VMCS.
This will incorrectly apply modifications intended for vmcs01 to vmcs02
and L2 can use it to gain access to L0's x2APIC registers by disabling
virtualized x2APIC while using msr bitmap that assumes enabled.

Postpone execution of vmx_set_virtual_x2apic_mode until vmcs01 is the
current VMCS.  An alternative solution would temporarily make vmcs01 the
current VMCS, but it requires more care.

Fixes: 8d14695f95 ("x86, apicv: add virtual x2apic support")
Reported-by: Jim Mattson <jmattson@google.com>
Reviewed-by: Wanpeng Li <wanpeng.li@hotmail.com>
Signed-off-by: Radim Krčmář <rkrcmar@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-10-07 15:23:46 +02:00
alpha alpha: fix copy_from_user() 2016-09-24 10:07:45 +02:00
arc ARC: uaccess: get_user to zero out dest in cause of fault 2016-09-24 10:07:44 +02:00
arm ARM: sa1111: fix pcmcia suspend/resume 2016-10-07 15:23:44 +02:00
arm64 arm64: debug: avoid resetting stepping state machine when TIF_SINGLESTEP 2016-10-07 15:23:42 +02:00
avr32 avr32: off by one in at32_init_pio() 2016-10-07 15:23:45 +02:00
blackfin net: smc91x: fix SMC accesses 2016-09-30 10:18:37 +02:00
c6x
cris cris: buggered copy_from_user/copy_to_user/clear_user 2016-09-24 10:07:44 +02:00
frv frv: fix clear_user() 2016-09-24 10:07:44 +02:00
h8300 h8300 update for v4.4 2015-11-12 15:26:39 -08:00
hexagon hexagon: fix strncpy_from_user() error return 2016-09-24 10:07:44 +02:00
ia64 ia64: copy_from_user() should zero the destination on access_ok() failure 2016-09-24 10:07:46 +02:00
m32r m32r: fix __get_user() 2016-09-24 10:07:43 +02:00
m68k m68k: Wire up mlock2 2015-11-22 11:35:26 +01:00
metag metag: copy_from_user() should zero the destination on access_ok() failure 2016-09-24 10:07:45 +02:00
microblaze microblaze: fix copy_from_user() 2016-09-24 10:07:43 +02:00
mips MIPS: uprobes: fix use of uninitialised variable 2016-10-07 15:23:43 +02:00
mn10300 mn10300: copy_from_user() should zero on access_ok() failure... 2016-09-24 10:07:45 +02:00
nios2 nios2: copy_from_user() should zero the tail of destination 2016-09-24 10:07:45 +02:00
openrisc openrisc: fix the fix of copy_from_user() 2016-09-24 10:07:46 +02:00
parisc parisc: fix copy_from_user() 2016-09-24 10:07:45 +02:00
powerpc powerpc/prom: Fix sub-processor option passed to ibm,client-architecture-support 2016-10-07 15:23:46 +02:00
s390 s390: get_user() should zero on failure 2016-09-24 10:07:44 +02:00
score score: fix copy_from_user() and friends 2016-09-24 10:07:44 +02:00
sh sh: fix copy_from_user() 2016-09-24 10:07:44 +02:00
sparc sparc32: fix copy_from_user() 2016-09-24 10:07:45 +02:00
tile tile: Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO 2016-10-07 15:23:44 +02:00
um um: Don't discard .text.exit section 2016-09-07 08:32:38 +02:00
unicore32 pwm: Changes for v4.4-rc1 2015-11-11 09:16:10 -08:00
x86 KVM: nVMX: postpone VMCS changes on MSR_IA32_APICBASE write 2016-10-07 15:23:46 +02:00
xtensa xtensa: clear all DBREAKC registers on start 2016-04-12 09:08:55 -07:00
.gitignore
Kconfig